Possible IMAP Version Vulnerability


An attacker can receive imap administrator privilige which can be used e.g. to create or delete folders.

The Problem

A vulnerability in the SuSE Linux IMAP Server - which is unrelated to the SuSE Linux Distribution (which is unaffected) - was found which allows remote users to circumvented the imap authentication.

No specific information concerning version numbers was provided by SuSE. Consequently, SARA cannot differentiate between vulnerable and non-vulnerable servers.


Get the security fix from SuSE at:


CVE Reference(s):